CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
99.5%
Added: 08/07/2006
CVE: CVE-2002-1123
BID: 5411
OSVDB: 10132
Microsoft SQL Server is a database server package for Windows platforms.
Microsoft SQL Server 2000 is affected by a buffer overflow vulnerability in the code which handles user authentication. This allows a remote attacker to execute arbitrary commands.
Apply the patch referenced in Microsoft Security Bulletin 02-056.
<http://www.microsoft.com/technet/security/bulletin/ms02-056.mspx>
Exploit works on Microsoft SQL Server 2000 SP2 on Windows 2000.
Windows